Merge pull request #15906 from atorralba/atorralba/java/jdk-neutrals

Java: Add more neutral JDK models

Author: atorralba

java/ql/lib/ext/java.beans.model.yml

@@ -4,3 +4,12 @@ extensions:
       extensible: summaryModel
     data:
       - ["java.beans", "XMLDecoder", False, "XMLDecoder", "", "", "Argument[0]", "Argument[this]", "taint", "manual"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      # summary neutrals
+      - ["java.beans", "PropertyEditor", "getAsText", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "getValue", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "setAsText", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.beans", "PropertyEditor", "setValue", "()", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs

java/ql/lib/ext/java.io.model.yml

@@ -80,7 +80,6 @@ extensions:
       - ["java.io", "File", True, "getName", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "getParentFile", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "getPath", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
-      - ["java.io", "File", True, "listFiles", "()", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "toPath", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.io", "File", True, "toURI", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
@@ -116,9 +115,12 @@ extensions:
       - ["java.io", "File", "isFile", "()", "summary", "manual"]
       - ["java.io", "File", "length", "()", "summary", "manual"]
       - ["java.io", "File", "isDirectory", "()", "summary", "manual"]
+      - ["java.io", "File", "listFiles", "", "summary", "df-manual"]
       - ["java.io", "File", "mkdirs", "()", "summary", "manual"]
       - ["java.io", "FileInputStream", "FileInputStream", "(File)", "summary", "manual"]
+      - ["java.io", "FileInputStream", "FileInputStream", "(String)", "summary", "df-manual"]
       - ["java.io", "InputStream", "close", "()", "summary", "manual"]
+      - ["java.io", "ObjectInput", "readObject", "()", "summary", "df-manual"] # this is a deserialization sink modeled in regular CodeQL
       - ["java.io", "OutputStream", "flush", "()", "summary", "manual"]
       # The below APIs have numeric flow and are currently being stored as neutral models.
       # These may be changed to summary models with kinds "value-numeric" and "taint-numeric" (or similar) in the future.

java/ql/lib/ext/java.net.model.yml

@@ -61,3 +61,10 @@ extensions:
       - ["java.net", "URL", False, "toURI", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.net", "URL", False, "toString", "", "", "Argument[this]", "ReturnValue", "taint", "manual"]
       - ["java.net", "URLDecoder", False, "decode", "", "", "Argument[0]", "ReturnValue", "taint", "manual"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      # summary neutrals
+      - ["java.net", "Socket", "getOutputStream", "()", "summary", "df-manual"]
+      - ["java.net", "Socket", "connect", "(SocketAddress,int)", "summary", "df-manual"]

java/ql/lib/ext/java.nio.file.model.yml

@@ -91,6 +91,7 @@ extensions:
     data:
       # summary neutrals
       - ["java.nio.file", "Files", "exists", "(Path,LinkOption[])", "summary", "manual"]
+      - ["java.nio.file", "Files", "newInputStream", "(Path,LinkOption[])", "summary", "df-manual"]
       # sink neutrals
       - ["java.nio.file", "Files", "getLastModifiedTime", "", "sink", "hq-manual"]
       - ["java.nio.file", "Files", "getOwner", "", "sink", "hq-manual"]

java/ql/lib/ext/java.util.logging.yml

@@ -0,0 +1,8 @@
+extensions:
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      # summary neutrals
+      - ["java.util.logging", "LogRecord", "getResourceBundle", "()", "summary", "df-manual"]
+      - ["java.util.logging", "LogRecord", "setParameters", "", "summary", "df-manual"]

java/ql/lib/ext/java.util.model.yml

@@ -107,6 +107,8 @@ extensions:
       - ["java.util", "Collections", False, "unmodifiableSortedMap", "(SortedMap)", "", "Argument[0].MapKey", "ReturnValue.MapKey", "value", "manual"]
       - ["java.util", "Collections", False, "unmodifiableSortedMap", "(SortedMap)", "", "Argument[0].MapValue", "ReturnValue.MapValue", "value", "manual"]
       - ["java.util", "Collections", False, "unmodifiableSortedSet", "(SortedSet)", "", "Argument[0].Element", "ReturnValue.Element", "value", "manual"]
+      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapKey", "Argument[this].MapKey", "value", "df-manual"]
+      - ["java.util", "ConcurrentHashMap", False, "ConcurrentHashMap", "(Map)", "", "Argument[0].MapValue", "Argument[this].MapValue", "value", "df-manual"]
       - ["java.util", "Deque", True, "addFirst", "(Object)", "", "Argument[0]", "Argument[this].Element", "value", "manual"]
       - ["java.util", "Deque", True, "addLast", "(Object)", "", "Argument[0]", "Argument[this].Element", "value", "manual"]
       - ["java.util", "Deque", True, "descendingIterator", "()", "", "Argument[this].Element", "ReturnValue.Element", "value", "manual"]
@@ -428,6 +430,14 @@ extensions:
       - ["java.util", "Collections", "emptySet", "()", "summary", "manual"]
       - ["java.util", "Collections", "sort", "", "summary", "manual"]
       - ["java.util", "Enumeration", "hasMoreElements", "()", "summary", "manual"]
+      - ["java.util", "EnumSet", "allOf", "(Class)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "clone", "()", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "complementOf", "(EnumSet)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "copyOf", "(Collection)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "copyOf", "(EnumSet)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "noneOf", "(Class)", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "of", "", "summary", "df-manual"]
+      - ["java.util", "EnumSet", "range", "(Object,Object)", "summary", "df-manual"]
       - ["java.util", "HashMap", "containsKey", "(Object)", "summary", "manual"]
       - ["java.util", "HashMap", "HashMap", "(int)", "summary", "manual"]
       - ["java.util", "HashMap", "size", "()", "summary", "manual"]
@@ -454,6 +464,7 @@ extensions:
       - ["java.util", "Optional", "isEmpty", "()", "summary", "manual"]
       - ["java.util", "Optional", "isPresent", "()", "summary", "manual"]
       - ["java.util", "Random", "nextInt", "(int)", "summary", "manual"]
+      - ["java.util", "ResourceBundle", "getBundle", "", "summary", "df-manual"]
       - ["java.util", "Set", "contains", "(Object)", "summary", "manual"]
       - ["java.util", "Set", "isEmpty", "()", "summary", "manual"]
       - ["java.util", "Set", "size", "()", "summary", "manual"]

java/ql/lib/ext/java.util.prefs.model.yml

@@ -3,6 +3,21 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
+      # summary neutrals
+      - ["java.util.prefs", "Preferences", "get", "(String,String)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getBoolean", "(String,boolean)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getByteArray", "(String,byte[])", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getDouble", "(String,double)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getFloat", "(String,float)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getInt", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "getLong", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "put", "(String,String)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putBoolean", "(String,boolean)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putByteArray", "(String,byte[])", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putDouble", "(String,double)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putFloat", "(String,float)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putInt", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
+      - ["java.util.prefs", "Preferences", "putLong", "(String,int)", "summary", "df-manual"] # needs to be modeled by regular CodeQL matching the get and set keys to reduce FPs
       # sink neutrals
       - ["java.util.prefs", "AbstractPreferences", "nodeExists", "", "sink", "hq-manual"]
       - ["java.util.prefs", "Preferences", "nodeExists", "", "sink", "hq-manual"]

java/ql/lib/ext/java.util.regex.model.yml

@@ -30,4 +30,9 @@ extensions:
       pack: codeql/java-all
       extensible: neutralModel
     data:
+      - ["java.util.regex", "Matcher", "appendReplacement", "(StringBuffer,String)", "summary", "df-manual"]
+      - ["java.util.regex", "Matcher", "appendTail", "(StringBuffer)", "summary", "df-manual"]
       - ["java.util.regex", "Matcher", "find", "()", "summary", "manual"]
+      - ["java.util.regex", "Matcher", "pattern", "()", "summary", "df-manual"]
+      - ["java.util.regex", "Pattern", "compile", "(String,int)", "summary", "df-manual"]
+      - ["java.util.regex", "Pattern", "pattern", "()", "summary", "df-manual"]

java/ql/lib/ext/javax.crypto.model.yml

@@ -24,3 +24,5 @@ extensions:
       - ["javax.crypto", "Cipher", "update", "", "summary", "manual"]
       - ["javax.crypto", "Cipher", "updateAAD", "", "summary", "manual"]
       - ["javax.crypto", "Cipher", "wrap", "", "summary", "manual"]
+      - ["javax.crypto", "Mac", "init", "(Key)", "summary", "df-manual"]
+      - ["javax.crypto", "Mac", "doFinal", "()", "summary", "df-manual"]

java/ql/lib/ext/javax.crypto.spec.model.yml

@@ -26,3 +26,8 @@ extensions:
       - ["javax.crypto.spec", "PBEParameterSpec", False, "PBEParameterSpec", "", "", "Argument[0]", "encryption-salt", "manual"]
       - ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[],String)", "", "Argument[0]", "credentials-key", "hq-generated"]
       - ["javax.crypto.spec", "SecretKeySpec", False, "SecretKeySpec", "(byte[],int,int,String)", "", "Argument[0]", "credentials-key", "hq-generated"]
+  - addsTo:
+      pack: codeql/java-all
+      extensible: neutralModel
+    data:
+      - ["javax.crypto.spec", "SecretKeySpec", "SecretKeySpec", "(byte[],String)", "summary", "df-manual"]